Blocking and Allowing Traffic with a Firewall

Hands-On Lab

 

Justin Mitchell

Security Training Architect II in Content

Length

01:00:00

Difficulty

Beginner

For the Security+ exam, it is important to understand how firewall rules work. In this hands-on lab, we will configure a couple of firewall rules with iptables, which is built into CentOS. After completing this lab, you will understand how firewall rules work in a hierarchical manner, evaluated in order from the first rule to the last, to allow and block traffic.

Connecting to the Lab

  1. Open your terminal application, and run the following command. (Remember to replace <PUBLIC_IP> with the public IP you were provided on the lab instructions page.)
    ssh cloud_user@<PUBLIC_IP>
  2. Type yes at the prompt.
  3. Enter your password at the prompt.

Create a Bash Script

  1. List the iptables firewall rules.
    sudo iptables -L
  2. Create a Bash script.
    cat >> firewall.sh
  3. Press Ctrl + Z to stop the cat command and return to the prompt. The firewall.sh file has now been created.
  4. Install the vim text editor.
    sudo yum install vim
  5. Edit firewall.sh.
    vim firewall.sh
  6. Add the following four lines to the file:
    iptables -F
    iptables -A INPUT -s 0/0 -m state --state RELATED,ESTABLISHED -j ACCEPT
    iptables -A INPUT -s 0/0 -p tcp --dport 22 -j ACCEPT
    iptables -P INPUT DROP
  7. Press Esc, then type :wq to save our changes and exit the vim text editor.

Run the Bash Script

  1. Run the following command:
    sudo sh firewall.sh
  2. Enter your cloud_user password at the prompt.
  3. List the iptables firewall rules once again.
    sudo iptables -L
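
The rule ordering this lab relies on, shown as an added example that is not part of the original lab: a simplified shell model of how the INPUT chain is walked, run against the four lines from firewall.sh. The `verdict` function, the `MISORDERED_RULES` set and the packet arguments (protocol, destination port, connection state) are constructed for illustration, and only `-p`, `--dport`, `--state` and `-j` are modelled.

```shell
#!/usr/bin/env bash
# Simplified model of an iptables chain walk: rules are tested top to bottom,
# the first matching rule decides, and the policy (-P) applies only when no
# rule matched. Assumption: only -p, --dport, --state and -j are understood.

# The four lines from firewall.sh in this lab.
LAB_RULES='iptables -F
iptables -A INPUT -s 0/0 -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A INPUT -s 0/0 -p tcp --dport 22 -j ACCEPT
iptables -P INPUT DROP'

# Constructed variant: a DROP for port 22 placed ahead of the ACCEPT.
MISORDERED_RULES='iptables -A INPUT -p tcp --dport 22 -j DROP
iptables -A INPUT -p tcp --dport 22 -j ACCEPT
iptables -P INPUT DROP'

# verdict RULES PROTO DPORT STATE  ->  prints ACCEPT or DROP (hypothetical helper)
verdict() {
    local rules="$1" proto="$2" dport="$3" state="$4"
    local policy=ACCEPT line r_proto r_dport r_states target
    while IFS= read -r line; do
        set -- $line                       # split the rule into words
        [ "$1" = iptables ] && shift
        case $1 in
            -P) policy=$3; continue ;;     # remembered, used only at the end
            -A) ;;
            *)  continue ;;                # -F and anything else: not a rule
        esac
        r_proto='' r_dport='' r_states='' target=''
        while [ $# -gt 0 ]; do
            case $1 in
                -p)      r_proto=$2 ;;
                --dport) r_dport=$2 ;;
                --state) r_states=$2 ;;
                -j)      target=$2 ;;
            esac
            shift
        done
        # Every condition the rule states must match, otherwise try the next rule.
        [ -n "$r_proto" ] && [ "$r_proto" != "$proto" ] && continue
        [ -n "$r_dport" ] && [ "$r_dport" != "$dport" ] && continue
        case ",${r_states:-$state}," in *",$state,"*) ;; *) continue ;; esac
        echo "$target"; return 0           # first match wins
    done <<EOF
$rules
EOF
    echo "$policy"                         # nothing matched: default policy
}
```

With the lab's rules, a new TCP connection to port 22 is accepted and a new connection to any other port falls through to the DROP policy; with the misordered set, the same SSH connection is dropped because the DROP rule is reached first.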

Conclusion

Congratulations, you've successfully completed this hands-on lab!